phishing fishing or phishing definition
play

Phishing Fishing or Phishing? Definition Phishing: an attempt to - PowerPoint PPT Presentation

Mar 31, 2023 •318 likes •530 views

Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing sensitive information such as passwords, usernames, and credit card details for malicious reasons. Phishing can be in the form of emails, social

  1. Phishing

  2. Fishing or Phishing?

  3. Definition • Phishing: an attempt to trick victims into sharing sensitive information such as passwords, usernames, and credit card details for malicious reasons. • Phishing can be in the form of emails, social media messages, texts, or phone calls. • General phishing attempts are sent to a large amount of people at the same time with the hope that someone will click on on a link and provide their personal information.

  4. Definition • Spear-phishing: An attempt to trick a specific victim into sharing sensitive information. • Often appear to be from a legitimate sender or someone familiar to the victim • Messages are modified to specifically address a victim • Includes personal information about the victim, usually obtained from social media

  5. Features of a Phishing Attack • Asks you to verify or update account information, such as name, date of birth, mothers maiden name, security questions, credit card information, and password. • The tone gives a sense of urgency or that you're in trouble. You have a limited time to respond. • There are spelling and grammar errors.

  6. Features of a Phishing Attack • What they’re saying sounds too good to be true. • The greeting or closing is generic. The greeting might say “Dear Valued Customer” • Links or attachments that lead you to a login page or a online form where you will have to provide personal information.

  7. Examples of Phishing Attacks

  8. Spelling/grammar error Due to a sytem error, you were double charged for your last Amazon order. A refund was initiated, but could not be completed due to an error in your billing address. Sense of urgency Asking to verify or update information You are required to update your valid address within 24 hours to receive your refund. Link that leads you to another page to enter Click her to update your DATA. personal information. After your address has been updated and validated, you should receive your refund within 3 business days. Sincerely, Generic closing amazon.com

  9. Asking to verify or update information Sense of urgency Link that leads you to another page to enter personal information.

  10. Generic greeting Spelling/grammar error Dear Gmail User, As part of our security measures, we regularly update all acounts on our database system. We are unable to update your email account and therefore will be cooling your email account to enable the web upgrade. You have been sent this invitation because our records indicate you are currently a user whose account has not been activated. We are therefore sending you this email so that you can inform us whether you still want to use this account. If you are still interested in having this account, DATA please update your DATA immediately because out system requires an account verification for the update. Asking to verify or update information To prevent an interruption with your Gmail services, please take a few moments to update your account by filling out the verification and update form immediately. Link that leads you to another Click here to verify your account. page to enter personal information. Sense of urgency Warning! Any account owner that refuses to update their account after receiving this email will lose their account permanently. We appreciate your cooperation in this matter. Sincerely, Generic closing Gmail Member Services Team

  11. To good to be true Sense of urgency Link that leads you to another page to enter personal information.

  12. Other Phishing Resources • Video: Phishing Scams in Plain English • Scams and Schemes - Common Sense Education • Better Business Bureau Scam Tips • Game: Phishing Scams - Avoid the Bait

  13. URL Analysis

  14. URL Analysis • Most email or text message phishing attacks start with a specially-crafted URL. • Even if an email or text doesn’t have any of the phishing features, you can still get hooked!

  15. URL Analysis • Which URL do you think is the real Facebook URL? • https://www.accounts.facebook.com/ verifylogin/user/ • https://www.facebook.fblogin.com/home 
 • If you read the URL #2 from left to right, like English, then this URL appears legitimate. • This is the wrong way to read a URL.

  16. URL Analysis • The right way to read a URL is right to left. • FIRST, start on the right of the URL and locate the Top Level Domain (.com) • The Domain name after the Top Level Domain is the registered user of the website. • https://www.accounts. facebook.com / verifylogin/user/ • https://www.facebook. fblogin.com /home

  17. Analyze Phishy URL’s

  18. • http://bankofthevvest.com Bad URL Good URL • https://getsupport.apple.com/?caller=home&PRKEYS= • http://snapchat.verification.com Bad URL • http://instagram.privacy-information.socialapp.com Bad URL

  19. One More Example

  20. One More Example

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing In a Nutshell 2. Phishing Types & Techniques 3. Phishing Stats & Modern Trends 4. Case-Study 5. Stay Safe 2 Speaker ABOUT ME

478 views • 24 slides
Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the

Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the

School of Fin ine Arts Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the attempt to obtain personal information such as passwords and logins for malicious purposes. By appearing to be legitimate the

255 views • 13 slides
VECTOR Table of Content Bio What phishing is? Types of Phishing Anatomy of

VECTOR Table of Content Bio What phishing is? Types of Phishing Anatomy of

THE STATE OF PHISHING ATTACK VECTOR Table of Content Bio What phishing is? Types of Phishing Anatomy of Phishing Counter Measures Reports on Phishing Isaac K. Acheampong Facilities Manager BSc IT, Dip. IT, Sec+ STATE OF

711 views • 34 slides
Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing?

Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing?

Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing? Phishing email messages, websites, and phone calls are designed to steal money or sensitive information. Cybercriminals can do this by installing

264 views • 24 slides
PHISHING IN DEPTH (ATTACKS & MITIGATIONS) Table of Content 1.0 Introduction 2.0 Phishing

PHISHING IN DEPTH (ATTACKS & MITIGATIONS) Table of Content 1.0 Introduction 2.0 Phishing

PHISHING IN DEPTH (ATTACKS & MITIGATIONS) Table of Content 1.0 Introduction 2.0 Phishing 3.0 Phishing kit 4.0 Types of Phishing 5.0 Avoidance Techniques 6.0 Effect of Phishing on Businesses 7.0 Demos & Practical INTRODUCTION

565 views • 27 slides
Federal Information Systems Security Education Association Spear Phishing Agenda Definition

Federal Information Systems Security Education Association Spear Phishing Agenda Definition

Federal Information Systems Security Education Association Spear Phishing Agenda Definition of spear phishing Why is spear phishing so valuable to attackers Spear phishing defenses / countermeasures Training concepts and delivery

434 views • 8 slides
Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring:

Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring:

Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring: What is phishing? How phishing can damage a business What are the difgerent types of phishing? How to spot a phishing email What to do if

159 views • 12 slides
of Sandboxed Phishing Kits Summary Motivation Sandboxed phishing kits Implementation Results

of Sandboxed Phishing Kits Summary Motivation Sandboxed phishing kits Implementation Results

PhishEye: Xiao Han Nizar Kheir Live Monitoring Davide Balzarotti of Sandboxed Phishing Kits Summary Motivation Sandboxed phishing kits Implementation Results [APWG Phishing Activity Trends Report 2 nd Quarter 2016] All time high record

921 views • 59 slides
Anti-Phishing Security Strategy Angelo P. E. Rosiello Agenda 1. Brief introduction to phishing

Anti-Phishing Security Strategy Angelo P. E. Rosiello Agenda 1. Brief introduction to phishing

Anti-Phishing Security Strategy Angelo P. E. Rosiello Agenda 1. Brief introduction to phishing 2. Strategic defense techniques 3. A new client based solution: DOMAntiPhish 4. Conclusions Nature of Phishing Statistics from the Anti

536 views • 31 slides
Ne Needle in a Haystack: : Tracking Do Down Elite Ph Phishing g Dom Domains in the Wild Ke

Ne Needle in a Haystack: : Tracking Do Down Elite Ph Phishing g Dom Domains in the Wild Ke

Ne Needle in a Haystack: : Tracking Do Down Elite Ph Phishing g Dom Domains in the Wild Ke Tian, Steve T.K. Jan , Hang Hu, Danfeng Yao, Gang Wang Computer Science, Virginia Tech Phishing is a Big Th Threat Phishing: fraudulent attempt

411 views • 30 slides
Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able

Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able

Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able to: Define phishing Identify signs of a potential phishing email Know where to report phishing emails to and how to report them

168 views • 15 slides
Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why

Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why

Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why Phishing Works. Gelernter, N., Kalma, S., Magnezi, B., & Porcilan, H. (2017). The Password Reset MitM Attack. What is Phishing? Dhamija, R.,

528 views • 50 slides
Social Engineering Phishing & More Phishing Fake Email Accounts Real Email Accounts

Social Engineering Phishing & More Phishing Fake Email Accounts Real Email Accounts

Social Engineering Phishing & More Phishing Fake Email Accounts Real Email Accounts DrLaneA@mail.com b.miller@tcu.edu Bursar-SecureServices@me.com jbickford@necc.mass.edu No proof of identity Could already be compromised

343 views • 7 slides
Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing Attack An email address that tries to disguise itself as legitimate Outlook Team <msOutlook@outlook.com> Confirm Acount Details Hello

108 views • 7 slides
Analyzing the Effectiveness of Phishing at Network Level Sagar Mehta, Nitya Sundareswaran, Kevin

Analyzing the Effectiveness of Phishing at Network Level Sagar Mehta, Nitya Sundareswaran, Kevin

Analyzing the Effectiveness of Phishing at Network Level Sagar Mehta, Nitya Sundareswaran, Kevin D. Fairbanks, Nick Feamster Motivation Source - Phishing Activity Trends Report July, 2006 , Anti-Phishing workgroup Our work done from Jan

395 views • 24 slides
Phishing Emails CS 142 Lecture Notes: Security Attacks: Phishing Slide 1 Legitimate: Extended

Phishing Emails CS 142 Lecture Notes: Security Attacks: Phishing Slide 1 Legitimate: Extended

Phishing Emails CS 142 Lecture Notes: Security Attacks: Phishing Slide 1 Legitimate: Extended Validation CS 142 Lecture Notes: Security Attacks: Phishing Slide 2 Obviously Illegitimate http://rusprory.mass.hc.ru/old_site/update/index.php CS

550 views • 10 slides
Assistant City Auditor IV Robert Rubel has been with the Office of the City Auditor since February

Assistant City Auditor IV Robert Rubel has been with the Office of the City Auditor since February

Robert Rubel, CPA, CIA, CISA Assistant City Auditor IV Robert Rubel has been with the Office of the City Auditor since February 2013 and currently serves as an Assistant City Auditor IV. He has conducted performance audits of the City of Dallas

420 views • 18 slides
Scams Awareness Month July 2016 Did you know? A scam is a scheme to con people out of their

Scams Awareness Month July 2016 Did you know? A scam is a scheme to con people out of their

Scams Awareness Month July 2016 Did you know? A scam is a scheme to con people out of their money. Other names for a scam include fraud, hoax, con, swindle, cheat. Each year millions of people in the UK fall prey to scammers.

729 views • 14 slides
WELCOME Welcome to Security Awareness Month Hosted by the Office of Information Technology

WELCOME Welcome to Security Awareness Month Hosted by the Office of Information Technology

WELCOME Welcome to Security Awareness Month Hosted by the Office of Information Technology October 2018 1 What is Prevent, Plan, and Prepare National We live in a world that is more connected than ever before. The Internet touches Cyber

785 views • 42 slides
www.infosecawareness.in Agenda Financial Safety and Security - Awareness E-wallet- Usage,

www.infosecawareness.in Agenda Financial Safety and Security - Awareness E-wallet- Usage,

INFORMATION SECURITY AWARENESS keeping yourself and your family safe in a tech driven world www.isea.gov.in www.infosecawareness.in Agenda Financial Safety and Security - Awareness E-wallet- Usage, security and Guidelines Insta loan

604 views • 29 slides
2018 National Income Tax Workbook Chapter 3, IRS Update Presenters Name: Shawn Savage IRS

2018 National Income Tax Workbook Chapter 3, IRS Update Presenters Name: Shawn Savage IRS

University of Illinois 2018 National Income Tax Workbook Chapter 3, IRS Update Presenters Name: Shawn Savage IRS Stakeholder Liaison Date: 10/23,10/25,10/30 Topic 2: Secure Messaging for Correpondence Audits Correspondence

894 views • 37 slides
Retail ail bankin ing in a d digi gital tal world Septemb tember er 2015 Certai ain n

Retail ail bankin ing in a d digi gital tal world Septemb tember er 2015 Certai ain n

Retail ail bankin ing in a d digi gital tal world Septemb tember er 2015 Certai ain n statements nts in these se slides s are forwar ard-loo ooki king statements nts. . These statements nts are based on management' nt's s

606 views • 50 slides
Protecting Consumers Consumer Protection is the largest division and most often interacts with

Protecting Consumers Consumer Protection is the largest division and most often interacts with

Protecting Consumers Consumer Protection is the largest division and most often interacts with the public Common Scams and How to Avoid Them Overview of Common Scams 1. IMPOSTER SCAMS 2. TELEPHONE/ONLINE MARKETING SCAMS 3. HOME REPAIR SCAMS

485 views • 12 slides
Public Awareness Campaign March 2015 #bbbtop10scams http://go.bbb.org/BC-bbbtop10scams Campaign

Public Awareness Campaign March 2015 #bbbtop10scams http://go.bbb.org/BC-bbbtop10scams Campaign

Public Awareness Campaign March 2015 #bbbtop10scams http://go.bbb.org/BC-bbbtop10scams Campaign Overview Strives to be the most consumer and industry focused awareness campaign in British Columbia, Canada and North America Highlights

179 views • 14 slides

More recommend